It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
If this question can be reworded to fit the rules in the help center, please edit the question.

Welcome to Information Security. Please take a look at the FAQ, this question is really very open ended. Besides which, you didnt specify what security field you're looking at - these are varied and can be very different. Meanwhile, take a look at the career tag, I'm sure you'll find some helpful information there.
–
AviD♦Feb 12 '13 at 15:09

2 Answers
2

It really depends on what you want to do in computer security. To be a generalist, you are going to want to put more time in to getting a solid understanding of the principals of cryptography, if not the exact algorithms. Without this, it would be kind of like a carpenter that doesn't know what different wood working tools are used for. They wouldn't know when to pick which tool. Number 4 and 5 are really the same thing I think. You can't have a good understanding of how cryptography works practically (the limitations and strengths) without also understanding the theory behind it at a similar level, at least in my experience.

Good is also a rather nebulous term since it could have any number of meanings. Certainly it would be beneficial (probably critical) to know enough to hold a coherent conversation with a specialist in each of the particular fields.

A pretty open question indeed. As you have asked for 'your’ (reading 'my') opinion, the way I look at it is this from a two-fold approach:

1 - Technical Approach:
Technically speaking, everything in computing ultimately seems to lead to coding (and I use the term in its general term as opposed to 'clicking buttons': really understanding things at a text level). I place Coding at the top of the tree with the subbranches being 'OS', 'Networking', 'Languages' (i.e., C, Java, Python, HTML, etc) and 'Databases'. If I could go back in past and start studying and learning all over again, I would definitely start with Coding, understanding how processes work at a low-level and work my way up the levels. So I would probably start with Assembly. Parallel to this, I would also dedicate time for the other four aspects I mentioned above ('OS', 'Networking', 'Languages' and 'Databases').

2 - Psychological Approach:
Interestingly enough, I don't think that being only technically skilled is enough. I would probably risk saying that it is even more important to have the right frame of mind, which in this case, I would further subdivide it into another two categories:
2a A certain 'sixth sense' for danger, a hunch and a feeling that we might either incorporate it into our way of thinking by constantly training your mind with texts and papers on general security or by being naturally talented.
2b A subversive frame of mind; a curious and investigative mind that will try to find ways around a certain obstacle, being a door in front of you (by lock-picking it, or finding another door that might be open or easier to break in) or a way of fooling someone into doing something to your advantage (getting them to tell you their passwords, for example). That's where Social Engineering enters, and it does so in a very eloquent way, as it is well established that the weakest link in Security is the human aspect.

To sum up, by constantly alternating between 2a and 2b you can not only have a feel for what needs mitigated (2a) but also how others might try to circumvent your defenses (2b), which you can in turn preemptively apply to 2a again before someone else has the time to exploit it. The reason why I think this is more important than pure technical skills is that this psychological approach is your engine to put things together, whereas the technical skills are the mere tools to get the job done. So you plan your tactics with your great mind and employ your defenses with your technical skills.